Overview
overview (score 7/10)
Static
static (score 7/10)
Zoom_Playe...CH.exe
windows7-x64 (score 7/10)
Zoom_Playe...CH.exe
windows10-2004-x64 (score 7/10)
$PLUGINSDI...ns.dll
windows7-x64 (score 3/10)
$PLUGINSDI...ns.dll
windows10-2004-x64 (score 3/10)
$SYSDIR/ac3config.exe
windows7-x64 (score 1/10)
$SYSDIR/ac3config.exe
windows10-2004-x64 (score 1/10)
$SYSDIR/ac3filter.dll
windows7-x64 (score 1/10)
$SYSDIR/ac3filter.dll
windows10-2004-x64 (score 1/10)
$SYSDIR/av...er.dll
windows7-x64 (score 1/10)
$SYSDIR/av...er.dll
windows10-2004-x64 (score 1/10)
$SYSDIR/cd...er.dll
windows7-x64 (score 1/10)
$SYSDIR/cd...er.dll
windows10-2004-x64 (score 1/10)
$SYSDIR/cd...er.dll
windows7-x64 (score 1/10)
$SYSDIR/cd...er.dll
windows10-2004-x64 (score 1/10)
DefaultSettings.exe
windows7-x64 (score 7/10)
DefaultSettings.exe
windows10-2004-x64 (score 7/10)
zpic.exe
windows7-x64 (score 3/10)
zpic.exe
windows10-2004-x64 (score 3/10)
zplayer.exe
windows7-x64 (score 7/10)
zplayer.exe
windows10-2004-x64 (score 3/10)
zpresampler.dll
windows7-x64 (score 7/10)
zpresampler.dll
windows10-2004-x64 (score 7/10)
zpupdate.exe
windows7-x64 (score 7/10)
zpupdate.exe
windows10-2004-x64 (score 7/10)
新云软件.url
windows7-x64 (score 1/10)
新云软件.url
windows10-2004-x64 (score 1/10)
General
-
Target
3338a4498dff5bad579c25eda176666e_JaffaCakes118
-
Size
7.4MB
-
Sample
240710-ej6gasvgqm
-
MD5
3338a4498dff5bad579c25eda176666e
-
SHA1
a51ea7c6780c11c7a0298ff0bb434f521f723f3b
-
SHA256
265c863c1cda7c59859a7e222b30dbadfa2728f0211269ac6f38636e4c486992
-
SHA512
8c0ad6265e98b327d97c46ff3a00f6027f83db76c0faf048bb998cecfbf66b7e89fe3d7d075462c387cc7a0f16d6a229ee22f717988582008eb91d9745d4b73a
-
SSDEEP
196608:M3uB96kukJuaoU7OWWdrJVlK/xo+2BlduNyQrQWPWjFc/3SBwwqHIed:p6kuTG7OWWlJVMpp2+XWa36/U
Behavioral task
behavioral1
Sample
Zoom_Player_Premium_6.00_RC2_Plus_SCH.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
Zoom_Player_Premium_6.00_RC2_Plus_SCH.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240708-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral5
Sample
$SYSDIR/ac3config.exe
Resource
win7-20240705-en
Behavioral task
behavioral6
Sample
$SYSDIR/ac3config.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral7
Sample
$SYSDIR/ac3filter.dll
Resource
win7-20240708-en
Behavioral task
behavioral8
Sample
$SYSDIR/ac3filter.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral9
Sample
$SYSDIR/avi2ac3filter.dll
Resource
win7-20240705-en
Behavioral task
behavioral10
Sample
$SYSDIR/avi2ac3filter.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral11
Sample
$SYSDIR/cddareader.dll
Resource
win7-20240704-en
Behavioral task
behavioral12
Sample
$SYSDIR/cddareader.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral13
Sample
$SYSDIR/cdxareader.dll
Resource
win7-20240704-en
Behavioral task
behavioral14
Sample
$SYSDIR/cdxareader.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral15
Sample
DefaultSettings.exe
Resource
win7-20240708-en
Behavioral task
behavioral16
Sample
DefaultSettings.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral17
Sample
zpic.exe
Resource
win7-20240708-en
Behavioral task
behavioral18
Sample
zpic.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral19
Sample
zplayer.exe
Resource
win7-20240708-en
Behavioral task
behavioral20
Sample
zplayer.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral21
Sample
zpresampler.dll
Resource
win7-20240704-en
Behavioral task
behavioral22
Sample
zpresampler.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral23
Sample
zpupdate.exe
Resource
win7-20240705-en
Behavioral task
behavioral24
Sample
zpupdate.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral25
Sample
新云软件.url
Resource
win7-20240704-en
Behavioral task
behavioral26
Sample
新云软件.url
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
Zoom_Player_Premium_6.00_RC2_Plus_SCH.exe
-
Size
7.4MB
-
MD5
12da661b6214e0c3a0c6e03656cff736
-
SHA1
aa2d173daec31f87bc940818a650a997b40bbeda
-
SHA256
c881698a3a5eeecddcc0ede74d8af06e0a5ba7c34e39d04640dca3e45e173936
-
SHA512
7ada11d4622c12e7b098fec92e8fdd777bd5af6ffb6448b9df11483fbdbd3901afd15052dcadca47604cde2eabbd2437cbbf2ada85fb7476b7ad7ad4c52d1ced
-
SSDEEP
196608:Z3e1fzaUEn89c92SIjCWV/hSRI+IS+Emf2+Can1Cl:Zuf2n89XS+CWVZa3aff18
Score 7/10
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
14KB
-
MD5
3809b1424d53ccb427c88cabab8b5f94
-
SHA1
bc74d911216f32a9ca05c0d9b61a2aecfc0d1c0e
-
SHA256
426efd56da4014f12ec8ee2e268f86b848bbca776333d55482cb3eb71c744088
-
SHA512
626a1c5edd86a71579e42bac8df479184515e6796fa21cb4fad6731bb775641d25f8eb8e86b939b9db9099453e85c572c9ea7897339a3879a1b672bc9226fcee
-
SSDEEP
192:i6JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxT7K72dwF7dBdcQOz:i6JaVh4I5rpPbT7+BdhO
Score3/10 -
-
-
Target
$SYSDIR/ac3config.exe
-
Size
16KB
-
MD5
d2db48603dd4ec358f8707fe2be22eb0
-
SHA1
fb916c80aab7add48cdb83cc5e29723a70ac7d39
-
SHA256
cdc445315b2a5718778e5607bdb5841aba85f0d94a765e51df3a309038034e29
-
SHA512
f8dcfafc6ccebab3a939bd8bb317f0556a8bdaec94c4fa57c7b71502d7f2b69116a8196e4c09519d980b38107aea843cd1a518eee47a15b84124dbf6aa8aab0f
-
SSDEEP
96:lh5sqK9uvkguYzxk8iVouOPtboynsJGb4o:lhW+kgDrAouOP1oyns4k
Score1/10 -
-
-
Target
$SYSDIR/ac3filter.ax
-
Size
504KB
-
MD5
f083331b79850b0f6cd77b3a51ed6c00
-
SHA1
b7cc99c26a9477f4d8f9f92b60783eac03ac4965
-
SHA256
0d4fb95c124553b36a875c830fa0f7a49ba4ec9f21e1736b141225f1f9b4e48c
-
SHA512
eeeee070d4121c3383e716f6be4ce2e1a295faab691b799b10b02786bf1feec6b950c8320d68ad7c88986f739465c47d682c6fefec083f9f98b1f52798a9dfaa
-
SSDEEP
6144:D7l0o7/SrT9rCEs4+uU8Z90qvlnL0PNAILa/Mwyy8uG9g:D7l0QiW4+uUs6q5IO/Mw5
Score1/10 -
-
-
Target
$SYSDIR/avi2ac3filter.ax
-
Size
152KB
-
MD5
c2a0912e5760158ffee79803871c8e31
-
SHA1
08d42f3f8463ac73775283033b0f032e4ffb3aba
-
SHA256
0d3016ea184f98c9ccde64f896b6a09fc69c817698597df06768b9f5dd2c9030
-
SHA512
2ad2f5dc0cdbf73c9c93e30f6cd2b86aa680d817c71d5b0ef9d3c6181a2ba6bb209fc55e69702d280f6cd8249e2c4ba4120e78e155e378d8523c80f966e76c50
-
SSDEEP
3072:f7b2nHKSKTxJpgM3Pr2XfwfxlY8D4USl/9Za9WpH:WKSCx71+qxlY80d9Zgq
Score1/10 -
-
-
Target
$SYSDIR/cddareader.ax
-
Size
260KB
-
MD5
b7d7fb864c0a9db026666c5f4fe03f41
-
SHA1
0d09fdf842e09c3add9439074ac63117526710f8
-
SHA256
e9dffd5f24879cf36af0901d82f620891ce738f572db26a6aaf4100932e4f64e
-
SHA512
cc383c56d778391442a6c51821c791633f7b9533218d41e2a7327355321949754c0eeb6aeaa189a0c73f10af1d509777a53b0c3ac6c880763f56f486b68db72c
-
SSDEEP
3072:mad+fI2CxCz6SiWVhDERfJ+egGROBuvF15+V8bjd61wr730nUwTj6Q0tl9io/Sfo:y8CmSnDERfcegLUbl6rsQi9io/SW
Score1/10 -
-
-
Target
$SYSDIR/cdxareader.ax
-
Size
248KB
-
MD5
ad7626525fcd82da4608aa2813134188
-
SHA1
f74809b1780de796b9c4e98096d0995c4758c972
-
SHA256
000c5e8238c076deef3bd091a8c83af247a2a24ef59252590f04d946804c9471
-
SHA512
32f559b8db5188a989e02031ddaa3ee021b31b8f44ae824697302871ca01cab63ae60696bf3d155a6400d2999ab49a49fccbe0eca9b8fed0382e44460d1f8f92
-
SSDEEP
3072:S35taHwOIkwemfgT3oD44OrKagBGA3PxSoUI4wr73W5UAtMLioEM2y2KO+1:9Ce/3oD4vrKNqo0+LioEfyi
Score1/10 -
-
-
Target
DefaultSettings.exe
-
Size
10KB
-
MD5
7bd2c221658efc1613bfbd0626f05574
-
SHA1
2d3cf6a1f94d3a67a0a618dc77fa72b2bb46635b
-
SHA256
48fd8b0da177d88255c54f6cd55ea693e3a84d1ed52dd4c106362fb6b36c1c8d
-
SHA512
ac74a0676b60b52b5b68f9253ba4dd928922edc70b9290b6fdece10256bcfb6e5b629e690b51757f3f3384a47c1b61ebeca891739af5c32ed98a8a423c511546
-
SSDEEP
192:nmrXZVbn9y97L7fn6zgRPa5zacHSEvMvq1oVBUWfmd:Y+dL7SkRC5DEvf9fa
Score7/10 -
-
-
Target
zpic.exe
-
Size
714KB
-
MD5
d80959b028da5d6470d293328b2a0ba7
-
SHA1
ec4b19ea5df2c2c0737beeec34c060380c8163fd
-
SHA256
e764ced763fe91377ca6b76e8c5b284d841c5e440ecef96845cde5d4f5b6ac1d
-
SHA512
498bb1cb463149dbbbcc2050b8f8dd5eabb65aab803349af62e0558447017e3d328cf2d24c63018fb15cf3bd9283399d5d52726c9d1364f2a6e0adbc2f459304
-
SSDEEP
12288:R4ca/W/vCBqYWng3Sy+6On7oXuPelrdBlun1OJ9GdjUU:RVm9BFWnQ47/6bk1OJ9GdjJ
Score3/10 -
-
-
Target
zplayer.exe
-
Size
1.1MB
-
MD5
585c65b47b4a381e6d5c024b811fb7e7
-
SHA1
9261c812bbb032cb4a09e6436abe15f6a3d5c3c2
-
SHA256
35f37308996854d59ff62796a23dc613adece539a0f36eb5779179c1e261a292
-
SHA512
3824a28b224dcb694479fb8f51bbe560c1f2133cf3390cd662f17e55452ff857e2d53c003ac0ffdcfab36fbc1484bea58f37f46836fefd6cd0aca2662e247283
-
SSDEEP
12288:YSIVDRuZEMBqsW/e8SbfZSqrD6x/fjc9VrYIaOKDZ5njNwk9t/zHSUY7eAJA4Fhs:g//7WYqrswNH6VjNNryX7eM36B1Rqj5A
Score 7/10
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
-
-
Target
zpresampler.dll
-
Size
11KB
-
MD5
f3e1188910b03289d190a054fb881764
-
SHA1
13d2cc2acb3db40e26816422aafebbffc29b929a
-
SHA256
1b56fca4cf4746f0a3b02b24375148023fdc67c9f1125dc87168214460f074dc
-
SHA512
79d2bc3a17fae5a1bdd71d1d40a048d564a7841b5e6e0ce4952a606f41f94f2e043542b3a559b33269380602a701ff537b218fa32fd97010ef748fbc53161416
-
SSDEEP
192:2bveE7E2u2ChnpTGTtJZpoG1bh9IcMjVMPdx6SfGp947L6/buX0yh+:2bveOE2unpTGT96Cbh9IcMjVQPCs7ORl
Score7/10 -
-
-
Target
zpupdate.exe
-
Size
23KB
-
MD5
1dd1dbbf7622cf006f57c478d209d955
-
SHA1
ea5aa595248ff31953634e023fa4bda87393d6e7
-
SHA256
654c9bb7614fce3f7ef74f2e42a66586b2e243548f2ab6ac4983288ca59019c2
-
SHA512
25aec65845aab4465a15aaa8fd32bd492dff5b18736e7da2cc1e5bb65fada3ae003b0f8db92958fb7f14f17d048485775d5a16b66550e665f456be956de5258e
-
SSDEEP
384:/FoxqeCLZZEhL86YS1Fyk/d7XxzQEnRrHm0ajdN8OhALWfsXVKV5HaNJawcudoDM:LeCLmY6yEd7hzQEtjadN8OhALWfslSo7
Score7/10 -
-
-
Target
新云软件.url
-
Size
133B
-
MD5
4f0017b3b346bd0626f0c3b915e6e734
-
SHA1
823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
-
SHA256
df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
-
SHA512
0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score1/10 -